From 7c275fed9d93e0c45b2fb00d94bde702b44c8811 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= <dominik@dominikschuermann.de>
Date: Thu, 30 Apr 2015 18:45:43 +0200
Subject: API: Allow selection of decryption keys when decryption fails

---
 OpenKeychain/src/main/AndroidManifest.xml          |   5 +
 .../keychain/remote/OpenPgpService.java            |  34 ++++--
 .../keychain/remote/ui/RemoteServiceActivity.java  |   1 +
 .../remote/ui/SelectAllowedKeysActivity.java       | 115 +++++++++++++++++++++
 .../res/layout/api_remote_select_allowed_keys.xml  |  38 +++++++
 OpenKeychain/src/main/res/values/strings.xml       |   1 +
 6 files changed, 188 insertions(+), 6 deletions(-)
 create mode 100644 OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/SelectAllowedKeysActivity.java
 create mode 100644 OpenKeychain/src/main/res/layout/api_remote_select_allowed_keys.xml

(limited to 'OpenKeychain')

diff --git a/OpenKeychain/src/main/AndroidManifest.xml b/OpenKeychain/src/main/AndroidManifest.xml
index 8c66176fd..6bc61460a 100644
--- a/OpenKeychain/src/main/AndroidManifest.xml
+++ b/OpenKeychain/src/main/AndroidManifest.xml
@@ -740,6 +740,11 @@
             android:exported="false"
             android:label="@string/app_name"
             android:launchMode="singleTop" />
+        <activity
+            android:name=".remote.ui.SelectAllowedKeysActivity"
+            android:exported="false"
+            android:label="@string/app_name"
+            android:launchMode="singleTop" />
         <activity
             android:name=".remote.ui.AppSettingsActivity"
             android:configChanges="orientation|screenSize|keyboardHidden|keyboard"
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
index c51edf59c..badc3c131 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
@@ -34,6 +34,7 @@ import org.openintents.openpgp.util.OpenPgpApi;
 import org.spongycastle.bcpg.CompressionAlgorithmTags;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
+import org.sufficientlysecure.keychain.operations.results.OperationResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.LogEntryParcel;
 import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
 import org.sufficientlysecure.keychain.pgp.PgpConstants;
@@ -47,6 +48,7 @@ import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
 import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables;
 import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.remote.ui.RemoteServiceActivity;
+import org.sufficientlysecure.keychain.remote.ui.SelectAllowedKeysActivity;
 import org.sufficientlysecure.keychain.remote.ui.SelectSignKeyIdActivity;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
@@ -205,6 +207,18 @@ public class OpenPgpService extends RemoteService {
                 PendingIntent.FLAG_CANCEL_CURRENT);
     }
 
+    private PendingIntent getSelectAllowedKeysIntent(Intent data) {
+        // If signature is unknown we return an _additional_ PendingIntent
+        // to retrieve the missing key
+        Intent intent = new Intent(getBaseContext(), SelectAllowedKeysActivity.class);
+        intent.putExtra(SelectAllowedKeysActivity.EXTRA_SERVICE_INTENT, data);
+        intent.setData(KeychainContract.ApiApps.buildByPackageNameUri(getCurrentCallingPackage()));
+
+        return PendingIntent.getActivity(getBaseContext(), 0,
+                intent,
+                PendingIntent.FLAG_CANCEL_CURRENT);
+    }
+
     private PendingIntent getShowKeyPendingIntent(long masterKeyId) {
         Intent intent = new Intent(getBaseContext(), ViewKeyActivity.class);
         intent.setData(KeyRings.buildGenericKeyRingUri(masterKeyId));
@@ -476,13 +490,12 @@ public class OpenPgpService extends RemoteService {
             }
 
             String currentPkg = getCurrentCallingPackage();
-            Set<Long> allowedKeyIds;
+            Set<Long> allowedKeyIds = mProviderHelper.getAllowedKeyIdsForApp(
+                    KeychainContract.ApiAllowedKeys.buildBaseUri(currentPkg));
+
             if (data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) < 7) {
-                allowedKeyIds = mProviderHelper.getAllKeyIdsForApp(
-                        ApiAccounts.buildBaseUri(currentPkg));
-            } else {
-                allowedKeyIds = mProviderHelper.getAllowedKeyIdsForApp(
-                        KeychainContract.ApiAllowedKeys.buildBaseUri(currentPkg));
+                allowedKeyIds.addAll(mProviderHelper.getAllKeyIdsForApp(
+                        ApiAccounts.buildBaseUri(currentPkg)));
             }
 
             long inputLength = is.available();
@@ -575,6 +588,15 @@ public class OpenPgpService extends RemoteService {
                 return result;
             } else {
                 LogEntryParcel errorMsg = pgpResult.getLog().getLast();
+
+                if (errorMsg.mType == OperationResult.LogType.MSG_DC_ERROR_NO_KEY) {
+                    // allow user to select allowed keys
+                    Intent result = new Intent();
+                    result.putExtra(OpenPgpApi.RESULT_INTENT, getSelectAllowedKeysIntent(data));
+                    result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_USER_INTERACTION_REQUIRED);
+                    return result;
+                }
+
                 throw new Exception(getString(errorMsg.mType.getMsgId()));
             }
 
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RemoteServiceActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RemoteServiceActivity.java
index f312c0d44..5facde64f 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RemoteServiceActivity.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RemoteServiceActivity.java
@@ -45,6 +45,7 @@ import org.sufficientlysecure.keychain.util.Log;
 
 import java.util.ArrayList;
 
+// TODO: make extensible BaseRemoteServiceActivity and extend these cases from it
 public class RemoteServiceActivity extends BaseActivity {
 
     public static final String ACTION_REGISTER = Constants.INTENT_PREFIX + "API_ACTIVITY_REGISTER";
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/SelectAllowedKeysActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/SelectAllowedKeysActivity.java
new file mode 100644
index 000000000..767106ff0
--- /dev/null
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/SelectAllowedKeysActivity.java
@@ -0,0 +1,115 @@
+/*
+ * Copyright (C) 2015 Dominik Schürmann <dominik@dominikschuermann.de>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package org.sufficientlysecure.keychain.remote.ui;
+
+import android.app.Activity;
+import android.content.Intent;
+import android.net.Uri;
+import android.os.Bundle;
+import android.view.View;
+
+import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.R;
+import org.sufficientlysecure.keychain.provider.KeychainContract;
+import org.sufficientlysecure.keychain.ui.base.BaseActivity;
+import org.sufficientlysecure.keychain.util.Log;
+
+public class SelectAllowedKeysActivity extends BaseActivity {
+
+    public static final String EXTRA_SERVICE_INTENT = "data";
+
+    private Uri mAppUri;
+
+    private AppSettingsAllowedKeysListFragment mAllowedKeysFragment;
+
+    Intent mServiceData;
+
+    @Override
+    protected void onCreate(Bundle savedInstanceState) {
+        super.onCreate(savedInstanceState);
+
+        // Inflate a "Done" custom action bar
+        setFullScreenDialogDoneClose(R.string.api_settings_save,
+                new View.OnClickListener() {
+                    @Override
+                    public void onClick(View v) {
+                        save();
+                    }
+                },
+                new View.OnClickListener() {
+                    @Override
+                    public void onClick(View v) {
+                        cancel();
+                    }
+                });
+
+        Intent intent = getIntent();
+        mServiceData = intent.getParcelableExtra(EXTRA_SERVICE_INTENT);
+        mAppUri = intent.getData();
+        if (mAppUri == null) {
+            Log.e(Constants.TAG, "Intent data missing. Should be Uri of app!");
+            finish();
+            return;
+        } else {
+            Log.d(Constants.TAG, "uri: " + mAppUri);
+            loadData(savedInstanceState, mAppUri);
+        }
+    }
+
+    @Override
+    protected void initLayout() {
+        setContentView(R.layout.api_remote_select_allowed_keys);
+    }
+
+    private void save() {
+        mAllowedKeysFragment.saveAllowedKeys();
+        setResult(Activity.RESULT_OK, mServiceData);
+        finish();
+    }
+
+    private void cancel() {
+        setResult(Activity.RESULT_CANCELED);
+        finish();
+    }
+
+    private void loadData(Bundle savedInstanceState, Uri appUri) {
+        Uri allowedKeysUri = appUri.buildUpon().appendPath(KeychainContract.PATH_ALLOWED_KEYS).build();
+        Log.d(Constants.TAG, "allowedKeysUri: " + allowedKeysUri);
+        startListFragments(savedInstanceState, allowedKeysUri);
+    }
+
+    private void startListFragments(Bundle savedInstanceState, Uri allowedKeysUri) {
+        // However, if we're being restored from a previous state,
+        // then we don't need to do anything and should return or else
+        // we could end up with overlapping fragments.
+        if (savedInstanceState != null) {
+            return;
+        }
+
+        // Create an instance of the fragments
+        mAllowedKeysFragment = AppSettingsAllowedKeysListFragment.newInstance(allowedKeysUri);
+        // Add the fragment to the 'fragment_container' FrameLayout
+        // NOTE: We use commitAllowingStateLoss() to prevent weird crashes!
+        getSupportFragmentManager().beginTransaction()
+                .replace(R.id.api_allowed_keys_list_fragment, mAllowedKeysFragment)
+                .commitAllowingStateLoss();
+        // do it immediately!
+        getSupportFragmentManager().executePendingTransactions();
+    }
+
+}
diff --git a/OpenKeychain/src/main/res/layout/api_remote_select_allowed_keys.xml b/OpenKeychain/src/main/res/layout/api_remote_select_allowed_keys.xml
new file mode 100644
index 000000000..e052ff333
--- /dev/null
+++ b/OpenKeychain/src/main/res/layout/api_remote_select_allowed_keys.xml
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="utf-8"?>
+<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android"
+    android:layout_width="match_parent"
+    android:layout_height="match_parent">
+
+    <include
+        android:id="@+id/toolbar_include"
+        layout="@layout/toolbar_standalone" />
+
+    <LinearLayout
+        android:layout_below="@id/toolbar_include"
+        android:padding="16dp"
+        android:layout_width="fill_parent"
+        android:layout_height="fill_parent"
+        android:orientation="vertical">
+
+        <TextView
+            android:id="@+id/api_select_keys_text"
+            android:layout_width="match_parent"
+            android:layout_height="wrap_content"
+            android:paddingTop="8dp"
+            android:paddingLeft="8dp"
+            android:paddingRight="8dp"
+            android:textAppearance="?android:attr/textAppearanceMedium"
+            android:text="@string/api_select_keys_text" />
+
+        <ScrollView
+            android:layout_width="match_parent"
+            android:layout_height="match_parent">
+
+            <FrameLayout
+                android:id="@+id/api_allowed_keys_list_fragment"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content" />
+        </ScrollView>
+
+    </LinearLayout>
+</RelativeLayout>
\ No newline at end of file
diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml
index f72bdb7fc..d274a5ca3 100644
--- a/OpenKeychain/src/main/res/values/strings.xml
+++ b/OpenKeychain/src/main/res/values/strings.xml
@@ -521,6 +521,7 @@
     <string name="api_select_pub_keys_text_no_user_ids">"Please select the recipients!"</string>
     <string name="api_error_wrong_signature">"Signature check failed! Have you installed this app from a different source? If you are sure that this is not an attack, revoke this app's registration in OpenKeychain and then register the app again."</string>
     <string name="api_select_sign_key_text">"Please select one of your existing keys or create a new one."</string>
+    <string name="api_select_keys_text">"None of the allowed keys is able to decrypt the content. Please select the allowed keys."</string>
 
     <!-- Share -->
     <string name="share_qr_code_dialog_title">"Share with QR Code"</string>
-- 
cgit v1.2.3